| 
									
										
										
										
											2014-11-19 20:13:54 +01:00
										 |  |  | # Test whether `networking.proxy' work as expected. | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | # TODO: use a real proxy node and put this test into networking.nix | 
					
						
							|  |  |  | # TODO: test whether nix tools work as expected behind a proxy | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | let default-config = { | 
					
						
							|  |  |  |         imports = [ ./common/user-account.nix ]; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         services.xserver.enable = false; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         virtualisation.memorySize = 128; | 
					
						
							|  |  |  |       }; | 
					
						
							| 
									
										
										
										
											2020-01-21 21:29:43 -08:00
										 |  |  | in import ./make-test-python.nix ({ pkgs, ...} : { | 
					
						
							| 
									
										
										
										
											2014-11-19 20:13:54 +01:00
										 |  |  |   name = "networking-proxy"; | 
					
						
							| 
									
										
										
										
											2021-01-10 20:08:30 +01:00
										 |  |  |   meta = with pkgs.lib.maintainers; { | 
					
						
							| 
									
										
										
										
											2015-07-12 12:09:40 +02:00
										 |  |  |     maintainers = [  ]; | 
					
						
							|  |  |  |   }; | 
					
						
							| 
									
										
										
										
											2014-11-19 20:13:54 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  |   nodes = { | 
					
						
							|  |  |  |     # no proxy | 
					
						
							|  |  |  |     machine = | 
					
						
							| 
									
										
										
										
											2018-07-20 20:56:59 +00:00
										 |  |  |       { ... }: | 
					
						
							| 
									
										
										
										
											2014-11-19 20:13:54 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  |       default-config; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     # proxy default | 
					
						
							|  |  |  |     machine2 = | 
					
						
							| 
									
										
										
										
											2018-07-20 20:56:59 +00:00
										 |  |  |       { ... }: | 
					
						
							| 
									
										
										
										
											2014-11-19 20:13:54 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  |       default-config // { | 
					
						
							|  |  |  |         networking.proxy.default = "http://user:pass@host:port"; | 
					
						
							|  |  |  |       }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     # specific proxy options | 
					
						
							|  |  |  |     machine3 = | 
					
						
							| 
									
										
										
										
											2018-07-20 20:56:59 +00:00
										 |  |  |       { ... }: | 
					
						
							| 
									
										
										
										
											2014-11-19 20:13:54 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  |       default-config // | 
					
						
							|  |  |  |       { | 
					
						
							|  |  |  |         networking.proxy = { | 
					
						
							|  |  |  |           # useless because overriden by the next options | 
					
						
							|  |  |  |           default = "http://user:pass@host:port"; | 
					
						
							|  |  |  |           # advanced proxy setup | 
					
						
							|  |  |  |           httpProxy = "123-http://user:pass@http-host:port"; | 
					
						
							|  |  |  |           httpsProxy = "456-http://user:pass@https-host:port"; | 
					
						
							|  |  |  |           rsyncProxy = "789-http://user:pass@rsync-host:port"; | 
					
						
							|  |  |  |           ftpProxy = "101112-http://user:pass@ftp-host:port"; | 
					
						
							|  |  |  |           noProxy = "131415-127.0.0.1,localhost,.localdomain"; | 
					
						
							|  |  |  |         }; | 
					
						
							|  |  |  |       }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     # mix default + proxy options | 
					
						
							|  |  |  |     machine4 = | 
					
						
							| 
									
										
										
										
											2018-07-20 20:56:59 +00:00
										 |  |  |       { ... }: | 
					
						
							| 
									
										
										
										
											2014-11-19 20:13:54 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  |       default-config // { | 
					
						
							|  |  |  |         networking.proxy = { | 
					
						
							|  |  |  |           # open for all *_proxy env var | 
					
						
							|  |  |  |           default = "000-http://user:pass@default-host:port"; | 
					
						
							|  |  |  |           # except for those 2 | 
					
						
							|  |  |  |           rsyncProxy = "123-http://user:pass@http-host:port"; | 
					
						
							|  |  |  |           noProxy = "131415-127.0.0.1,localhost,.localdomain"; | 
					
						
							|  |  |  |         }; | 
					
						
							|  |  |  |       }; | 
					
						
							|  |  |  |     }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   testScript = | 
					
						
							|  |  |  |     ''
 | 
					
						
							| 
									
										
										
										
											2020-01-21 21:29:43 -08:00
										 |  |  |       from typing import Dict, Optional | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       def get_machine_env(machine: Machine, user: Optional[str] = None) -> Dict[str, str]: | 
					
						
							|  |  |  |           """
 | 
					
						
							|  |  |  |           Gets the environment from a given machine, and returns it as a | 
					
						
							|  |  |  |           dictionary in the form: | 
					
						
							|  |  |  |               {"lowercase_var_name": "value"} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |           Duplicate environment variables with the same name | 
					
						
							|  |  |  |           (e.g. "foo" and "FOO") are handled in an undefined manner. | 
					
						
							|  |  |  |           """
 | 
					
						
							|  |  |  |           if user is not None: | 
					
						
							|  |  |  |               env = machine.succeed("su - {} -c 'env -0'".format(user)) | 
					
						
							|  |  |  |           else: | 
					
						
							|  |  |  |               env = machine.succeed("env -0") | 
					
						
							|  |  |  |           ret = {} | 
					
						
							|  |  |  |           for line in env.split("\0"): | 
					
						
							|  |  |  |               if "=" not in line: | 
					
						
							|  |  |  |                   continue | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |               key, val = line.split("=", 1) | 
					
						
							|  |  |  |               ret[key.lower()] = val | 
					
						
							|  |  |  |           return ret | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       start_all() | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       with subtest("no proxy"): | 
					
						
							|  |  |  |           assert "proxy" not in machine.succeed("env").lower() | 
					
						
							|  |  |  |           assert "proxy" not in machine.succeed("su - alice -c env").lower() | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       with subtest("default proxy"): | 
					
						
							|  |  |  |           assert "proxy" in machine2.succeed("env").lower() | 
					
						
							|  |  |  |           assert "proxy" in machine2.succeed("su - alice -c env").lower() | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       with subtest("explicitly-set proxy"): | 
					
						
							|  |  |  |           env = get_machine_env(machine3) | 
					
						
							|  |  |  |           assert "123" in env["http_proxy"] | 
					
						
							|  |  |  |           assert "456" in env["https_proxy"] | 
					
						
							|  |  |  |           assert "789" in env["rsync_proxy"] | 
					
						
							|  |  |  |           assert "101112" in env["ftp_proxy"] | 
					
						
							|  |  |  |           assert "131415" in env["no_proxy"] | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |           env = get_machine_env(machine3, "alice") | 
					
						
							|  |  |  |           assert "123" in env["http_proxy"] | 
					
						
							|  |  |  |           assert "456" in env["https_proxy"] | 
					
						
							|  |  |  |           assert "789" in env["rsync_proxy"] | 
					
						
							|  |  |  |           assert "101112" in env["ftp_proxy"] | 
					
						
							|  |  |  |           assert "131415" in env["no_proxy"] | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       with subtest("default proxy + some other specifics"): | 
					
						
							|  |  |  |           env = get_machine_env(machine4) | 
					
						
							|  |  |  |           assert "000" in env["http_proxy"] | 
					
						
							|  |  |  |           assert "000" in env["https_proxy"] | 
					
						
							|  |  |  |           assert "123" in env["rsync_proxy"] | 
					
						
							|  |  |  |           assert "000" in env["ftp_proxy"] | 
					
						
							|  |  |  |           assert "131415" in env["no_proxy"] | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |           env = get_machine_env(machine4, "alice") | 
					
						
							|  |  |  |           assert "000" in env["http_proxy"] | 
					
						
							|  |  |  |           assert "000" in env["https_proxy"] | 
					
						
							|  |  |  |           assert "123" in env["rsync_proxy"] | 
					
						
							|  |  |  |           assert "000" in env["ftp_proxy"] | 
					
						
							|  |  |  |           assert "131415" in env["no_proxy"] | 
					
						
							| 
									
										
										
										
											2014-11-19 20:13:54 +01:00
										 |  |  |     '';
 | 
					
						
							| 
									
										
										
										
											2015-07-12 12:09:40 +02:00
										 |  |  | }) |